Android and the Insatiable Hunger for Data: How Firewall AI Counters This
The digital age has revolutionized our relationship with data. While data communication brings many advantages, the practices of some technology companies raise serious questions about privacy and data protection. A 2018 study by Vanderbilt University (link) sounded the alarm: Android smartphones reportedly make an average of 40.2 user data requests daily, while Apple's iOS makes only 4.2 daily requests. These figures indicate a significant difference in data collection practices.
The main findings of the study include the following:
- Google can identify many of a user's personal interests in a single day on the internet.
- Android facilitates Google's data collection, gathering both personal and device-specific information.
- Chrome collects data from both mobile and desktop devices and sends it to Google.
- Android and Chrome send data to Google, even without user interaction.
- Even without using Google services, Google can collect data through its advertising and publishing products.
- With iOS devices, communication with Google servers remains high even if no Google products are used.
- Advertising identifiers and DoubleClick cookie IDs, which are supposedly anonymous, can be linked to a Google identity.
The Vanderbilt University report found that 35% of the data that Google collects from Android smartphones are location data. Another 24% fall into the device uploads category and 18% relate to the Google Play Store. In contrast, location data accounts for only 1% of Apple, while device uploads dominate at 46%. Alarmingly, the study also showed that Google can identify the interests of a new user "with remarkable accuracy" within a day. Most of this data collection is passive, without the user actively interacting with a Google app.
A notable observation of the study was that an unused Android phone with Chrome running in the background sent location information to Google 340 times within 24 hours.
Even iPhone users are not completely shielded from Google's data collection. The study found that Google still receives data even without using Google Chrome. Remarkably, 75% of this data pertained to online advertising. Apple collects slightly less data from its iPhones daily than Google does.
Another 2021 study by Douglas J. Leith (link) examined the data traffic between mobile devices and their respective operating system developers:
Key findings and points of this study:
- Data Traffic: Both iOS and Google Android send data to Apple or Google, on average, every 4.5 minutes, even when the device is idle.
- Shared Data: Shared data includes IMEI, hardware serial number, SIM serial number, IMSI, and phone number. Telemetry data is sent even if the user opts out. iOS also sends MAC addresses of nearby devices and their GPS location to Apple.
- Data Volume: Google collects a much larger volume of data than Apple. For instance, a Pixel device sends about 1 MB of data to Google in the first 10 minutes after startup, while an iPhone sends about 42 KB to Apple
- Concerns: The amount of data collected is concerning as this data can easily be linked with other data sources once a user logs in. This could lead to further personal data, other user devices, purchase history, etc. Moreover, the high frequency of network connections allows potential location tracking over time.
- Countermeasures: For iOS users, there is currently no way to prevent data sharing. On Android, users can deactivate the network connection and certain Google components when starting the phone to prevent data sharing. However, this has limitations, as many apps require Google Play services.
- Ethics: The study's authors informed Apple and Google of their findings. While Google responded and made clarifications, Apple did not reply.
In summary, this study shows that modern phones continuously send data to their respective companies, whether they run on iOS or Android. This raises significant concerns about privacy, especially regarding what data is collected, how often it is collected, and what happens to that data. It underscores the need for consumers to be aware of the data practices of the devices and services they use.
Not just Google but also device manufacturers
Another revealing study from October 2021 (link) presents findings that pose significant questions about privacy and user control:
Key takeaways from this study include:
- Extensive Data Collection: Despite the potential for alternative Android manufacturers to transmit less data, the study found that many of these manufacturers collect and transmit extensive telemetry data without users being able to turn this function off.
- Involved Manufacturers: The study looked at data transmitted by pre-installed apps on devices sold in Europe from manufacturers such as Samsung, Xiaomi, Huawei, and Realme.
- Data Collection in LineageOS: Even though LineageOS is advertised as a privacy-friendly alternative, it was found that this operating system also sends data to Google. However, LineageOS developers argue that this is due to an optionally installed third-party package, the OpenGApps.
- Type of Data Collected: The examined devices collect IMEI numbers, device phone numbers, hardware component serial numbers, Wi-Fi transceiver MAC addresses, IP addresses, cookies, and other telemetry data.
- Data Collection and Third Parties: Since many of these manufacturers use cloud systems from companies like Google and Microsoft, this data is likely stored not just with the smartphone manufacturer.
- Researchers' Conclusion: While collecting telemetry data is standard in the software industry, the extent of the data collection described here goes far beyond what is deemed acceptable. However, there are also positive examples like /e/-OS, which collects almost no data and is described as very privacy-friendly.
These findings highlight the importance for consumers to be aware of the data collected and transmitted by their devices and have control over which data is shared.
The studies mentioned provide insights into the scope of data collection activities by major tech companies and device manufacturers. They raise crucial questions about transparency, informed consent, and ethical considerations in the industry. For users, these studies underscore the importance of being aware of how their data is used and shared.
The broader implications of such widespread data collection are multi-faceted:
Security Risks: Large repositories of user data can be attractive targets for hackers and malicious actors.
Privacy Erosion: The sheer volume of data being collected can erode individual privacy rights.
Trust in Tech Companies: Such revelations can erode trust in major tech companies, potentially impacting their user base and profitability.
Government Regulations: Such studies can fuel demands for stricter regulations on data collection and usage by tech companies.
Consumers increasingly seek transparency and control over their data, leading to a shift in how technology companies operate. In response to this demand, there has been an increasing trend towards developing and implementing Firewall AI to counter companies' vast data collection practices.
Firewall AI: A Potential Solution
Firewall AI offers a promising solution to the concerns raised by these studies. Here's how:
Block Unwanted Traffic: Firewall AI can monitor and block unwanted traffic between devices and external servers. This gives users more control over what data is shared and with whom.
Learning Patterns: With artificial intelligence, these firewalls can learn user preferences and patterns, ensuring that only legitimate data is shared while blocking potentially harmful or unnecessary traffic.
Transparency: Firewall AI can provide users with real-time feedback on the data being shared and the sources requesting it. This transparency empowers users to make informed decisions about their data.
Customizability: Users can customize the firewall's rules, deciding which apps or services can access the internet and which can't. This gives them direct control over the data shared from their devices.
In conclusion, while tech companies' extensive data collection practices present serious privacy concerns, innovations like firewall AI offer potential solutions. As the tech industry evolves, striking the right balance between data collection for improved services and ensuring user privacy remains a critical challenge.
Learn more about the Android Firewall AI: